package com.nevergetme.nevergetmeweb.config;

public class WebSecurityConfig{

}
//import com.nevergetme.nevergetmeweb.bean.User;
//import com.nevergetme.nevergetmeweb.security.SecurityUser;
//import com.nevergetme.nevergetmeweb.service.UserService;
//import org.slf4j.Logger;
//import org.slf4j.LoggerFactory;
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
//import org.springframework.security.core.Authentication;
//import org.springframework.security.core.userdetails.UserDetails;
//import org.springframework.security.core.userdetails.UserDetailsService;
//import org.springframework.security.core.userdetails.UsernameNotFoundException;
//import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//import org.springframework.security.crypto.password.Md4PasswordEncoder;
//import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
//import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
//
//import javax.servlet.ServletException;
//import javax.servlet.http.HttpServletRequest;
//import javax.servlet.http.HttpServletResponse;
//import java.io.IOException;
//
//@Configuration
//@EnableWebSecurity
//public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
//    private static final Logger logger = LoggerFactory.getLogger(WebSecurityConfig.class);
//    @Override
//    protected void configure(HttpSecurity http) throws Exception { //配置策略
//        http.csrf().disable();
//        http.authorizeRequests().
//                antMatchers("/").permitAll().
//                antMatchers("/404").permitAll().
//                antMatchers("/article/*").permitAll().
//                antMatchers("/article/showArticle/*").permitAll().
//                antMatchers("/icon/**").permitAll().
//                antMatchers("/js/**").permitAll().
//                antMatchers("/css/**").permitAll().
//                antMatchers("/plug/**").permitAll().
//                antMatchers("/source/**").permitAll().
//                antMatchers("/bootstrap/**").permitAll().
////                antMatchers("/createUser").permitAll().
//                antMatchers("/getCurrentUser").permitAll().
//                antMatchers("/editArticle").permitAll().anyRequest().authenticated().
//                and().formLogin().loginPage("/login").defaultSuccessUrl("/").permitAll().successHandler(loginSuccessHandler()).
//                and().rememberMe().tokenValiditySeconds(1209600).key("myKey").
//                and().logout().permitAll().invalidateHttpSession(true).
//                deleteCookies("JSESSIONID").logoutSuccessHandler(logoutSuccessHandler()).
//                and().sessionManagement().maximumSessions(10).expiredUrl("/login");
//    }
//    @Autowired
//    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
//        auth.userDetailsService(userDetailsService()).passwordEncoder(passwordEncoder());
//        auth.eraseCredentials(false);
//    }
//
//    @Bean
//    public Md4PasswordEncoder passwordEncoder() { //密码加密
//        return new Md4PasswordEncoder();
//    }
//
//    @Bean
//    public LogoutSuccessHandler logoutSuccessHandler() { //登出处理
//        return new LogoutSuccessHandler() {
//            @Override
//            public void onLogoutSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
//                try {
//                    SecurityUser user = (SecurityUser) authentication.getPrincipal();
//                    logger.info("USER : " + user.getUsername() + " LOGOUT SUCCESS !  ");
//                } catch (Exception e) {
//                    logger.info("LOGOUT EXCEPTION , e : " + e.getMessage());
//                }
//                httpServletResponse.sendRedirect("/login");
//            }
//        };
//    }
//
//    @Bean
//    public SavedRequestAwareAuthenticationSuccessHandler loginSuccessHandler() { //登入处理
//        return new SavedRequestAwareAuthenticationSuccessHandler() {
//            @Override
//            public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
//                User userDetails = (User) authentication.getPrincipal();
//                logger.info("USER : " + userDetails.getUsername() + " LOGIN SUCCESS !  ");
////                System.out.println("USER : " + userDetails.getUsername() + " LOGIN SUCCESS !  ");
//                super.onAuthenticationSuccess(request, response, authentication);
//            }
//        };
//    }
//    @Bean
//    public UserDetailsService userDetailsService() {    //用户登录实现
//        return new UserDetailsService() {
//            @Autowired
//            private UserService userRepository;
//            @Override
//            public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
//                User user = userRepository.findUserByUserName(s);
//                if (user == null) throw new UsernameNotFoundException("Username " + s + " not found");
//                return new SecurityUser(user);
//            }
//        };
//    }
//}
